Leak compromises thousands of Hotmail passwords

If you have a Hotmail account and you’re not good at changing your password regularly, I’d advise you to do it today.

Neowin.net reported that thousands of Hotmail accounts and passwords were leaked and anonymously posted on Pastebin.com, a debugging and code-sharing Web site.

The post with the information has since been removed, but Neowin said it saw a partial alphabetical list with over 10,000 accounts starting with the letters A and B that appeared to be mainly from European users.

“Currently it appears only accounts used to access Microsoft’s Windows Live Hotmail have been posted, this includes @hotmail.com, @msn.com and @live.com accounts,” Neowin said.

A Microsoft spokeswoman said the company is currently working to help users regain control of their accounts.

“…We have taken measures to block access to all of the accounts that were exposed and have resources in place to help those users reclaim their accounts,” the spokeswoman said in an e-mail.

Microsoft confirmed the leak occurred during the weekend. The Windows Live blog said the company determined the incident was not a result of an internal data breach and believes the account information was probably obtained through a phishing scheme.

In phishing scams, hackers typically trick users into opening a link with malicious content from a spam e-mail.

The company advices Hotmail users to change their passwords every 90 days and keep their anti-virus software up to date.

*UPDATE: Windows is directing people whose accounts have been disabled to reclaim access by filling out this form.

A company spokeswoman declined to disclose the specific number of accounts that have been compromised.